CSC 474 Information Systems Security

Similar documents
CSC Network Security

Communication Systems SSL

SECURE SOCKETS LAYER (SSL)

Overview of SSL. Outline. CSC/ECE 574 Computer and Network Security. Reminder: What Layer? Protocols. SSL Architecture

Web Security Considerations

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

SECURE SOCKETS LAYER (SSL) SECURE SOCKETS LAYER (SSL) SSL ARCHITECTURE SSL/TLS DIFFERENCES SSL ARCHITECTURE. INFS 766 Internet Security Protocols

Secure Socket Layer. Security Threat Classifications

SSL/TLS. What Layer? History. SSL vs. IPsec. SSL Architecture. SSL Architecture. IT443 Network Security Administration Instructor: Bo Sheng

Announcement. Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed.

Transport Layer Security Protocols

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

Communication Security for Applications

SSL Secure Socket Layer

ISA 562 Information System Security

The Secure Sockets Layer (SSL)

Real-Time Communication Security: SSL/TLS. Guevara Noubir CSU610

Outline. Transport Layer Security (TLS) Security Protocols (bmevihim132)

Managing and Securing Computer Networks. Guy Leduc. Chapter 4: Securing TCP. connections. connections. Chapter goals: security in practice:

SSL Secure Socket Layer

Network Security Web Security and SSL/TLS. Angelos Keromytis Columbia University

How To Understand And Understand The Ssl Protocol ( And Its Security Features (Protocol)

Secure Socket Layer (SSL) and Trnasport Layer Security (TLS)

Cryptography and Network Security Sicurezza delle reti e dei sistemi informatici SSL/TSL

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Network Security Essentials Chapter 5

Secure Socket Layer/ Transport Layer Security (SSL/TLS)

Chapter 17. Transport-Level Security

Network Security Part II: Standards

Chapter 7 Transport-Level Security

Security Engineering Part III Network Security. Security Protocols (I): SSL/TLS

Security Protocols and Infrastructures. h_da, Winter Term 2011/2012

Lecture 7: Transport Level Security SSL/TLS. Course Admin

Secure Sockets Layer

Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1

Transport Level Security

Information Security

Lecture 4: Transport Layer Security (secure Socket Layer)

Transport Layer Security (TLS)

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Software Engineering 4C03 Research Project. An Overview of Secure Transmission on the World Wide Web. Sean MacDonald

Authenticity of Public Keys

HTTPS: Transport-Layer Security (TLS), aka Secure Sockets Layer (SSL)

WEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)

Secure Socket Layer (SSL) and Transport Layer Security (TLS)

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Overview. SSL Cryptography Overview CHAPTER 1

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace

Secure Socket Layer. Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings.

Web Security. Mahalingam Ramkumar

TLS/SSL in distributed systems. Eugen Babinciuc

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Secure Socket Layer (TLS) Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings.

Protocol Rollback and Network Security

Binding Security Tokens to TLS Channels. A. Langley, Google Inc. D. Balfanz, Google Inc. A. Popov, Microsoft Corp.

Cryptography and Network Security IPSEC

, ) I Transport Layer Security

Computer and Network Security

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

Network Security - Secure upper layer protocols - Background. Security. Question from last lecture: What s a birthday attack? Dr.

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

Institute of Computer Technology - Vienna University of Technology. L96 - SSL, PGP, Kerberos

SSL: Secure Socket Layer

SECURE SOCKET LAYER PROTOCOL SIMULATION IN JAVA. A Research Project NAGENDRA KARRI

Network Security Protocols

Overview SSL/TLS HTTPS SSH. TLS Protocol Architecture TLS Handshake Protocol TLS Record Protocol. SSH Protocol Architecture SSH Transport Protocol

TLS-RSA-PSK. Channel Binding using Transport Layer Security with Pre Shared Keys

Security Protocols/Standards

Embedded SSL. Christophe Kiennert, Pascal Urien. Embedded SSL - Christophe Kiennert, Pascal Urien 1

Lab 7. Answer. Figure 1

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

SSL A discussion of the Secure Socket Layer

Three attacks in SSL protocol and their solutions

Low-Level TLS Hacking

Chapter 51 Secure Sockets Layer (SSL)

Lab Exercise SSL/TLS. Objective. Requirements. Step 1: Capture a Trace

Some solutions commonly used in order to guarantee a certain level of safety and security are:

Chapter 34 Secure Sockets Layer (SSL)

Part III-b. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Introduction. Haroula Zouridaki Mohammed Bin Abdullah Waheed Qureshi

Chapter 27 Secure Sockets Layer (SSL)

Lecture 10: Network Security Protocols

Chapter 10. Network Security

, SNMP, Securing the Web: SSL

IPSec and SSL Virtual Private Networks

Outline. INF3510 Information Security. Lecture 10: Communications Security. Communication Security Analogy. Network Security Concepts

Interested in learning more about security? SSL/TLS: What's Under the Hood. Copyright SANS Institute Author Retains Full Rights

The Beautiful Features of SSL And Why You Want to Use Them?

Lecture 10: Communications Security

Chapter 32 Internet Security

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For

Einführung in SSL mit Wireshark

SSL Handshake Analysis

CSCI 454/554 Computer and Network Security. Final Exam Review

TLS and SRTP for Skype Connect. Technical Datasheet

TLS handshake method based on SIP

Implementation and Evaluation of Datagram Transport Layer Security (DTLS) for the Android Operating System DANIELE TRABALZA

Chapter 11 Security Protocols. Network Security Threats Security and Cryptography Network Security Protocols Cryptographic Algorithms

Secure Communication Protocol for ATM Using TLS Handshake

Lecture 31 SSL. SSL: Secure Socket Layer. History SSL SSL. Security April 13, 2005

Transcription:

CSC 474 Information Systems Security Topic 4.5 Transport Layer Security CSC 474 Dr. Peng Ning 1 Transport Layer Security Protocols Secure Socket Layer (SSL) Originally developed to secure http Version 3 was developed with public review Application independent Can be used for any application protocol Examples: telnet, pop3, imap, ftp, etc. Transport Layer Security (TLS) TLS 1.0 very close to SSL 3.1 Backward compatible with SSL v3. CSC 474 Dr. Peng Ning 2

SSL Architecture A two-layered protocol. Rely on TCP for a reliable communication. SSL Handshake Protocol SSL Change Cipher Spec Protocol SSL Record Protocol TCP IP SSL Alert Protocol HTTP and other protocols SSL Protocol Stack CSC 474 Dr. Peng Ning 3 SSL Services Peer entity and data authentication Data confidentiality Data integrity Compression/decompression Generation/distribution of session keys Integrated to protocol A different approach from IPSec Security parameter negotiation. CSC 474 Dr. Peng Ning 4

SSL Connection and Session Each SSL session can be used for multiple SSL connections. SSL Session An association between a client and a server. Created by handshake protocol. Are used to avoid negotiation of new security parameters for each connection. SSL Connection A connection is a transport that provides a suitable type of service. Peer-to-peer, transient Each connection is associate with one session. CSC 474 Dr. Peng Ning 5 SSL Session We can view an SSL session as an SSL security association. A SSL session consists of Session ID X.509 public-key certificate of peer (could be null) Compression algorithm Cipher spec: Encryption algorithm, message digest algorithm, etc. Master secret: 48 byte secret shared between the client and server Is reusable CSC 474 Dr. Peng Ning 6

SSL Connection An SSL Connection consists of Server and client random Server write MAC secret Client write MAC secret Server write key Client write key Server IV Client IV Sequence number CSC 474 Dr. Peng Ning 7 SSL Record Protocol Four steps by sender (reversed by receiver) Fragmentation 2 14 bytes Compression (optional) MAC Encryption CSC 474 Dr. Peng Ning 8

SSL Record Protocol Operation CSC 474 Dr. Peng Ning 9 SSL Record Format CSC 474 Dr. Peng Ning 10

SSL Record Protocol Payload CSC 474 Dr. Peng Ning 11 Handshake Protocol Initially SSL session has null compression and encryption algorithm. Both are set by the handshake protocol at the beginning of session. Handshake protocol may be repeated during the session. Four phases Establish Security Capabilities Server Authentication and Key Exchange Client Authentication and Key Exchange Finish CSC 474 Dr. Peng Ning 12

Phase 1. Establish Security Capabilities Client Server Client_hello* Server_hello* Message marked by * are mandatory; Other messages are optional. CSC 474 Dr. Peng Ning 13 Phase 1 (Cont d) Client_hello Version: The highest SSL version understood by the client Random: 4-byte timestamp + 28-byte random number. Session ID: zero for new session, non-zero for a previous session CipherSuite: list of supported algorithms Compression Method: list of supported compression methods CSC 474 Dr. Peng Ning 14

Phase 1 (Cont d) Server_hello Version: min (client_hello version, highest version supported by the server) Random: 4-byte timestamp + 28-byte random number. Generated by the server Session ID: CipherSuite: selected from the client s list by the server Compression method: selected from the client s list by the server CSC 474 Dr. Peng Ning 15 Phase 2: Server Authentication and Key Exchange Client Server Certificate Server_key_exchange Certificate_request Server_done* Certificate is almost always used. CSC 474 Dr. Peng Ning 16

Certificate message Required for any agreed-on key exchange method except for anonymous Diffie-Hellman. Anonymous D-H Problem? Contains one or a chain of X.509 certificates. CSC 474 Dr. Peng Ning 17 Server_key_exchange message Not required if The server has sent a certificate with fixed D-H parameters, or RSA key exchange is to be used. Needed for Anonymous D-H Ephemeral D-H RSA key exchange, in which the server is using RSA but has a signature-only RSA key. Fortezza CSC 474 Dr. Peng Ning 18

Certificate_request message Request a certificate from the client Two parameters Certificate_type RSA, signature only DSS, signature only Certificate_authorities CSC 474 Dr. Peng Ning 19 Server_done message Indicate the end of server hello and associated messages. CSC 474 Dr. Peng Ning 20

Phase 3. Client Authentication and Key Exchange Client Server Certificate client_key_exchange* certificate_verify CSC 474 Dr. Peng Ning 21 Phase 3. Client Authentication and Key Exchange Certificate One or a chain of certificates. Client_key_exchange RSA: encrypted pre-master secret with the server s public key. D-H: client s public key. Certificate_verify Only sent following any client certificate that has signing capability Proves the client is the valid owner of the certificate. CSC 474 Dr. Peng Ning 22

Phase 4. Finish Client Server Change_cipher_spec* Finished* Change_cipher_spec* Finished* CSC 474 Dr. Peng Ning 23 Master Secret Creation The master secret is a one-time 48-byte value. Pre-master secret: by RSA or D-H Master secret is computed from the pre-master secret, client random and server random. CSC 474 Dr. Peng Ning 24

Generation of Cryptographic Parameters Generated from the master secret, client random, and server random. Client write MAC secret Server write MAC secret Client write key Server write key Client write IV Server write IV CSC 474 Dr. Peng Ning 25 Change Cipher Spec Protocol Session State Current state The session state in effect Pending state The session being negotiated. Change Cipher Spec Protocol Cause the pending state to be copied into the current state. CSC 474 Dr. Peng Ning 26

Alert Protocol Convey SSL related alerts to the peer. Compressed and encrypted. Two types of alerts Fatal SSL immediately terminates the connection. Examples Unexpected message Bad_record_mac Warning Examples Close_notify No_certificate CSC 474 Dr. Peng Ning 27 Application Ports Used with SSL https 443 smtps 465 nntps 563 ldaps 636 pop3s 995 ftp-datas 889 ftps 990 imaps 991 CSC 474 Dr. Peng Ning 28

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information